alexusmai laravel-file-manager 3
Description
alexusmai laravel-file-manager 3
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Search and filter 17282 vulnerabilities with AI analyst insights
alexusmai laravel-file-manager 3
alexusmai laravel-file-manager 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Free5gc 4
Free5gc 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs due to the broker's failure to validate or reject malfo...
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs due to the broker's failure to validate or reject malformed UTF-8 strings in topic filters
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), the broker mishandles protocol violations during CONNECT packet parsing
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), the broker mishandles protocol violations during CONNECT packet parsing
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
An issue was discovered in Chipsalliance Rocket-Chip commit f517abbf41abb65cea37421d3559f9739efd00a9 (2025-01-29) allowing attackers to corrupt except...
An issue was discovered in Chipsalliance Rocket-Chip commit f517abbf41abb65cea37421d3559f9739efd00a9 (2025-01-29) allowing attackers to corrupt exception handling and privilege state transitions via a flawed interaction between exception handling and MRET return mechanisms in the CSR logic when an exception is triggered during MRET execution
Executive Summary:
A high-severity vulnerability has been discovered in the Chipsalliance Rocket-Chip hardware design, which is used in multiple products. The flaw allows a potential attacker to corrupt system processes and gain elevated privileges by exploiting a weakness in how the processor handles errors. Successful exploitation could lead to a complete compromise of the affected device.
Vulnerability Details
CVE-ID: CVE-2025-56301
Affected Software: issue Multiple Products
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability exists in the Control and Status Register (CSR) logic of the Rocket-Chip core. A race condition can be triggered when a hardware exception (e.g., a page fault) occurs at the exact moment the processor is executing an MRET (Machine-mode Return from Exception) instruction. This flawed interaction corrupts the processor's internal state, specifically affecting the mechanisms that manage privilege levels and exception handling. An attacker with the ability to execute code on an affected system can craft a specific sequence of operations to trigger this condition, potentially leading to privilege escalation from a lower-privileged mode to Machine-mode, the highest privilege level.
Business Impact
This vulnerability is rated as High severity with a CVSS score of 7.5. Exploitation could lead to a complete system compromise, as an attacker could escalate their privileges to the highest level. This would grant them unrestricted access to all system resources, including sensitive data, system configurations, and connected hardware. The potential business impact includes data breaches, intellectual property theft, system-wide denial of service, and the ability for an attacker to establish a persistent foothold within the infrastructure. Given that Rocket-Chip is a hardware design, this flaw could impact a wide range of embedded systems, IoT devices, and other computing platforms, making asset identification a critical first step.
Remediation Plan
Immediate Action:
Proactive Monitoring:
Compensating Controls:
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of October 1, 2025, there are no known public exploits or active exploitation campaigns targeting this vulnerability. However, the flaw resides at a fundamental hardware level, making it a high-value target for advanced threat actors. The technical details in the disclosure may be sufficient for skilled security researchers to develop a proof-of-concept exploit.
Analyst Recommendation
Due to the high severity (CVSS 7.5) and the critical nature of this vulnerability, which allows for privilege escalation to the highest system level, immediate action is required. Although this vulnerability is not currently listed on the CISA KEV (Known Exploited Vulnerabilities) catalog, its potential for complete system compromise warrants urgent attention. Organizations are strongly advised to prioritize the identification of all affected assets and deploy the vendor-provided patches without delay to mitigate the risk of a security breach.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
code-projects Computer Laboratory System 1
code-projects Computer Laboratory System 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
SourceCodester Web-based Pharmacy Product Management System 1
SourceCodester Web-based Pharmacy Product Management System 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a craft...
A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file.
Executive Summary:
A critical remote code execution vulnerability, identified as CVE-2025-56267, has been discovered in Avigilon Access Control Manager (ACM). An attacker can exploit this flaw by uploading a specially crafted file to the system, allowing them to execute arbitrary code and potentially gain full control over the physical access control server. Successful exploitation could lead to a severe physical and logical security breach, enabling unauthorized access to facilities and sensitive data.
Vulnerability Details
CVE-ID: CVE-2025-56267
Affected Software: Avigilon Access Control Manager (ACM)
Affected Versions: Version 7.10.0.20. See vendor advisory for a complete list of affected versions and products.
Vulnerability: This vulnerability is a CSV Injection that leads to server-side remote code execution. An attacker can craft a CSV or Excel file containing malicious formulas. When this file is uploaded to the /id_profiles endpoint, the Avigilon ACM server improperly parses the file, interpreting the malicious formula as a command and executing it with the privileges of the application. This allows an unauthenticated or low-privileged attacker to execute arbitrary code on the underlying server, leading to a complete system compromise.
Business Impact
This vulnerability is rated as critical with a CVSS score of 9.8. A successful exploit would have a severe impact on business operations and security. An attacker could gain complete control of the physical access control system, granting them the ability to remotely lock or unlock doors, disable security alarms, and manipulate identity profiles. This poses a direct risk of unauthorized physical access to sensitive areas, theft of assets, and potential harm to personnel. Furthermore, compromising the ACM server could serve as a pivot point for attackers to move laterally across the corporate network, leading to a wider data breach and significant operational disruption.
Remediation Plan
Immediate Action: Update the affected Avigilon ACM software to the latest patched version as recommended by the vendor. After patching, monitor for any further exploitation attempts and review historical access logs for suspicious file uploads to the /id_profiles endpoint.
Proactive Monitoring:
/id_profiles endpoint. Look for unusual file names, file types, or requests originating from untrusted IP addresses.Compensating Controls:
If immediate patching is not feasible, implement the following controls:
/id_profiles endpoint that contain malicious patterns or formulas (e.g., strings starting with =, +, -, or @).Exploitation Status
Public Exploit Available: False
Analyst Notes: As of September 8, 2025, there are no known public proof-of-concept exploits or active exploitation campaigns targeting this vulnerability. However, due to the critical severity (CVSS 9.8) and the straightforward nature of the attack vector, it is highly probable that threat actors will develop and deploy exploits in the near future.
Analyst Recommendation
This vulnerability represents a critical risk to the organization's physical and cybersecurity posture. Given the severity and the potential for complete system compromise, immediate remediation is imperative. We strongly recommend that all organizations using the affected Avigilon ACM product apply the vendor-supplied patches on an emergency basis. Although this CVE is not currently on the CISA KEV list, its high impact makes it a likely candidate for future inclusion. If patching cannot be performed immediately, the compensating controls listed above should be implemented without delay to reduce the attack surface.
Update A CSV injection vulnerability in the Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL.
A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL.
Executive Summary:
A critical vulnerability has been identified in Avigilon Access Control Manager (ACM) software that could allow a remote attacker to take complete control of the system. This flaw, resulting from a Host Header Injection, can be exploited by sending a specially crafted URL, enabling the attacker to execute arbitrary code, potentially leading to unauthorized physical access, data theft, and disruption of security operations.
Vulnerability Details
CVE-ID: CVE-2025-56266
Affected Software: Avigilon Access Control Manager (ACM)
Affected Versions: Version 7.10.0.20 is confirmed vulnerable. See vendor advisory for a complete list of specific affected versions and products.
Vulnerability: The vulnerability exists because the Avigilon ACM application improperly validates the Host header in incoming HTTP requests. An unauthenticated remote attacker can exploit this by sending a web request with a malicious, specially crafted Host header. The application then uses this untrusted input in a way that leads to arbitrary code execution on the server, allowing the attacker to gain full control over the underlying system hosting the ACM software.
Business Impact
This vulnerability is rated as critical severity with a CVSS score of 9.8. Successful exploitation could have a severe impact on the organization, leading to a complete compromise of the Avigilon Access Control Manager system. Potential consequences include unauthorized physical access to facilities managed by the ACM, theft of sensitive data, disruption of security operations, and the ability for an attacker to establish a persistent foothold in the corporate network for further attacks. The compromise of a physical access control system represents a significant threat to both digital and physical security.
Remediation Plan
Immediate Action: Immediately apply the security patches provided by the vendor to update Avigilon ACM to the latest, non-vulnerable version. After patching, it is crucial to monitor for any signs of exploitation attempts by reviewing web server access logs and application logs for unusual or malformed Host headers.
Proactive Monitoring: Implement continuous monitoring of web server and application logs for requests containing unusual or mismatched Host headers. Monitor network traffic to and from the ACM server for anomalous patterns, such as connections to unknown external IP addresses. System-level monitoring should be in place to detect unexpected processes, file modifications, or unauthorized user account activity on the server hosting the ACM software.
Compensating Controls: If immediate patching is not feasible, implement the following compensating controls:
Host headers.Host header against a whitelist of known, legitimate hostnames.Exploitation Status
Public Exploit Available: false
Analyst Notes: As of the publication date (Sep 8, 2025), there are no known public proof-of-concept exploits or reports of this vulnerability being actively exploited in the wild. However, given the critical severity and the direct path to remote code execution, security researchers and threat actors are likely to develop exploits rapidly.
Analyst Recommendation
Due to the critical CVSS score of 9.8 and the risk of complete system compromise, it is our strong recommendation to prioritize patching all vulnerable Avigilon ACM instances immediately. A successful exploit could lead to a severe breach of both physical and cybersecurity. Although this CVE is not yet listed on the CISA KEV catalog, its severity makes it a prime candidate for future inclusion. Organizations should treat this as an emergency and apply the vendor-supplied updates without delay.
Update A Host Header Injection vulnerability in Avigilon ACM Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
An arbitrary file upload vulnerability in the Chat Trigger component of N8N v1
An arbitrary file upload vulnerability in the Chat Trigger component of N8N v1
Executive Summary:
A high-severity vulnerability has been identified in the Chat Trigger component affecting multiple products, including N8N v1. This flaw allows an unauthenticated attacker to upload arbitrary files, which could lead to the execution of malicious code and a complete compromise of the affected server. Organizations are urged to apply vendor-provided security updates immediately to mitigate the significant risk of data theft and system takeover.
Vulnerability Details
CVE-ID: CVE-2025-56265
Affected Software: Chat Trigger Multiple Products
Affected Versions: N8N v1 and other products utilizing the affected Chat Trigger component. See vendor advisory for specific affected versions.
Vulnerability: The vulnerability is an arbitrary file upload within the Chat Trigger component. An attacker can exploit this flaw by crafting a malicious request to the application's file upload functionality, bypassing any intended file type or size restrictions. By uploading a file containing executable code (such as a web shell), the attacker can subsequently trigger its execution on the server, leading to Remote Code Execution (RCE) with the privileges of the web server application.
Business Impact
This is a High severity vulnerability with a CVSS score of 8.8. Successful exploitation could have a severe impact on the business, leading to a full compromise of the underlying server. Potential consequences include unauthorized access to sensitive corporate or customer data, data exfiltration, service disruption, and the ability for an attacker to use the compromised system as a pivot point to attack other internal network resources. The direct business risks include reputational damage, financial loss from remediation efforts and operational downtime, and potential regulatory penalties for data breaches.
Remediation Plan
Immediate Action: Apply vendor security updates immediately across all affected systems to patch the vulnerability. Following the update, it is crucial to monitor for any signs of exploitation attempts that may have occurred prior to patching by thoroughly reviewing application and web server access logs for suspicious activity.
Proactive Monitoring: Security teams should actively monitor for indicators of compromise. This includes looking for unusual file uploads in web-accessible directories (e.g., files with extensions like .php, .jsp, .aspx), unexpected outbound network connections from the server, and anomalous CPU or memory usage. Review HTTP logs for POST requests to file upload endpoints that contain suspicious filenames or content types.
Compensating Controls: If immediate patching is not feasible, implement the following controls to reduce risk:
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of September 8, 2025, there are no known public exploits or active exploitation campaigns targeting this vulnerability. However, due to the high CVSS score and the critical impact of remote code execution, it is highly probable that proof-of-concept exploits will be developed and released by security researchers or threat actors in the near future.
Analyst Recommendation
Given the high severity (CVSS 8.8) of this vulnerability, we strongly recommend that organizations prioritize the immediate application of the vendor-supplied patches to all affected systems. Although this CVE is not currently listed on the CISA KEV catalog, its critical nature makes it a prime candidate for future inclusion and a valuable target for attackers. If patching is delayed, the compensating controls outlined above should be implemented without delay to mitigate the significant risk of a system compromise.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The /api/comment endpoint in zhangyd-c OneBlog 2
The /api/comment endpoint in zhangyd-c OneBlog 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
by-night sms V1
by-night sms V1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8
A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8
A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8
Executive Summary:
A high-severity vulnerability has been identified in SigningHub v8, a product from the vendor "lack". The flaw, a lack of rate limiting on a file upload component, could allow an attacker to send a flood of requests, overwhelming the system and causing a denial-of-service, making the application unavailable for legitimate users and disrupting business operations.
Vulnerability Details
CVE-ID: CVE-2025-56223
Affected Software: lack Multiple Products
Affected Versions: SigningHub v8. See vendor advisory for specific affected versions.
Vulnerability: The vulnerability exists within the /Home/UploadStreamDocument component, which fails to implement rate limiting. An unauthenticated attacker can exploit this by sending a massive volume of file upload requests in a short period. This action can exhaust server resources such as CPU, memory, network bandwidth, and disk space, leading to a denial-of-service (DoS) condition that renders the SigningHub application unresponsive and inaccessible to all users.
Business Impact
This vulnerability is rated as High severity with a CVSS score of 7.5. Exploitation could lead to significant business disruption by making the critical document signing service unavailable. The direct consequences include operational downtime, loss of productivity, potential financial losses from interrupted business processes, and damage to the organization's reputation. The primary risk is a prolonged service outage affecting all users who rely on the SigningHub platform for their workflows.
Remediation Plan
Immediate Action: Apply the security updates provided by the vendor immediately to all affected systems. Before deploying to production, it is recommended to test the patches in a non-production environment to ensure stability. Concurrently, actively monitor for exploitation attempts by reviewing web server and application access logs for anomalous activity targeting the affected component.
Proactive Monitoring: Security teams should configure monitoring and alerting for an abnormally high number of POST requests to the /Home/UploadStreamDocument endpoint, particularly from a single source IP address or subnet. Monitor server performance metrics (CPU utilization, memory usage, disk I/O) for sudden and sustained spikes that could indicate an ongoing DoS attack.
Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) or a reverse proxy to enforce rate limiting on the /Home/UploadStreamDocument endpoint. Configure rules to temporarily block IP addresses that exceed a reasonable request threshold within a given timeframe.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of October 20, 2025, there are no known public exploits or active exploitation campaigns targeting this vulnerability. However, due to the straightforward nature of rate-limiting attacks, it is highly probable that proof-of-concept exploits could be developed quickly by threat actors.
Analyst Recommendation
Given the High severity rating and the significant potential for business disruption, it is strongly recommended that the organization prioritize the deployment of the vendor-supplied security patches across all affected SigningHub instances. Although this vulnerability is not currently listed on the CISA KEV (Known Exploited Vulnerabilities) catalog, its impact on service availability warrants immediate attention. If patching is delayed for any reason, the implementation of compensating controls, such as WAF-based rate limiting, should be considered an urgent and critical temporary measure to mitigate risk.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brute force attack.
A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brute force attack.
---METADATA---
VENDOR: Ascertia
PRODUCT: SigningHub
AFFECTED_VERSIONS: v8.6.8
CONFIDENCE: high
MISSING: patch, exploit_status
---END_METADATA---
Description Summary:
A lack of rate limiting in the SigningHub login mechanism enables attackers to perform brute-force attacks against user accounts.
Executive Summary:
A critical authentication bypass vulnerability in SigningHub v8.6.8 due to missing rate limiting allows attackers to compromise user accounts through brute-force credential guessing.
Vulnerability Details
CVE-ID: CVE-2025-56221
Affected Software: Ascertia SigningHub
Affected Versions: v8.6.8
Vulnerability: The vulnerability exists due to a lack of rate limiting on the authentication endpoint, allowing unauthenticated attackers to automate password guessing attacks against valid user accounts.
Business Impact
Successful exploitation allows unauthorized access to SigningHub, which often handles sensitive document signing and verification workflows. A CVSS score of 9.8 reflects the high risk of credential harvesting and account takeover, potentially leading to unauthorized document signatures and compromise of confidential business agreements.
Remediation Plan
Immediate Action: Upgrade to the latest version of SigningHub where rate limiting has been enforced on the login interface.
Proactive Monitoring: Monitor authentication logs for high volumes of failed login attempts originating from single or distributed IP addresses.
Compensating Controls: Implement account lockout policies or multi-factor authentication (MFA) to mitigate the impact of brute-force attempts while the update is being applied.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of Oct 17, 2025, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The absence of rate limiting makes this platform highly susceptible to automated credential attacks. Administrators must prioritize updating the application to a patched version or implementing strict network-level access controls to block brute-force attempts immediately.
Update A lack of rate limiting in the login mechanism of SigningHub Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Incorrect access control in SigningHub v8
Incorrect access control in SigningHub v8
Executive Summary:
A high-severity vulnerability has been identified in SigningHub v8, which stems from an incorrect access control mechanism. This flaw could allow a low-privileged authenticated user to gain unauthorized access to view, modify, or sign sensitive documents, potentially compromising data confidentiality and integrity. Organizations using the affected software are exposed to risks of data leakage, unauthorized actions, and legal or financial repercussions.
Vulnerability Details
CVE-ID: CVE-2025-56219
Affected Software: Multiple Products (Specifically SigningHub)
Affected Versions: SigningHub Version 8. See vendor advisory for a complete list of specific affected versions and products.
Vulnerability: The vulnerability is an incorrect access control, often referred to as a Broken Access Control flaw. An authenticated attacker with low-level privileges can exploit this by manipulating specific parameters in their requests to the application server. This could allow them to bypass security checks and perform actions on behalf of other users, including those with higher privileges. The exploit does not require advanced technical skills and could be accomplished by altering identifiers in API calls or URL parameters to access resources that should be restricted.
Business Impact
This vulnerability is rated as High severity with a CVSS score of 7.5. Exploitation could lead to significant business impact, including the breach of confidential information stored within the document signing platform, such as contracts, financial records, and personal data. An attacker could potentially view, alter, or forge signatures on critical documents, leading to a loss of data integrity and non-repudiation. This poses a direct risk of financial fraud, contractual disputes, reputational damage, and non-compliance with data protection regulations.
Remediation Plan
Immediate Action: The primary remediation is to apply the security updates released by the vendor immediately. After patching, system administrators should review application and server access logs for any signs of unauthorized document access or unusual user activity that may indicate a prior compromise.
Proactive Monitoring: Implement continuous monitoring of application logs, focusing on access control events. Look for anomalies such as a single user account attempting to access a large number of documents in a short period, or requests to access resources that are outside of the user's typical role or permissions. Monitor for direct object reference attempts in web traffic.
Compensating Controls: If immediate patching is not feasible, consider implementing the following controls:
Exploitation Status
Public Exploit Available: False
Analyst Notes: As of October 20, 2025, there are no known public proof-of-concept exploits or active exploitation of this vulnerability in the wild. However, due to the nature of access control flaws, exploits can be developed quickly once the vulnerability details are known. Threat actors may target document management systems to gain access to sensitive corporate or personal information.
Analyst Recommendation
Given the high CVSS score of 7.5 and the critical function of the affected software, we strongly recommend that organizations prioritize the deployment of the vendor-supplied patches. Although this vulnerability is not currently listed on the CISA KEV catalog, its potential impact on data confidentiality and integrity presents a significant risk. Patching should be completed in accordance with your organization's vulnerability management policy for high-severity findings.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
phpgurukul Hospital Management System 4
phpgurukul Hospital Management System 4
Executive Summary:
A high-severity vulnerability has been identified in the phpgurukul Hospital Management System, a product used for managing sensitive hospital operations and patient data. This flaw could allow an unauthenticated remote attacker to bypass security controls and gain unauthorized access to the system's database. Successful exploitation could lead to a complete compromise of confidential patient records, operational disruption, and significant reputational damage.
Vulnerability Details
CVE-ID: CVE-2025-56216
Affected Software: phpgurukul Hospital Management System
Affected Versions: 4.0
Vulnerability: The vulnerability is a pre-authentication SQL injection flaw in the user login interface of the Hospital Management System. An unauthenticated attacker can send a specially crafted SQL query to the login parameter, which is improperly sanitized before being processed by the backend database. By manipulating this input, an attacker can bypass the authentication mechanism, exfiltrate sensitive data from the database—including patient records (PHI), staff credentials, and administrative information—or potentially achieve remote code execution on the underlying server, depending on database permissions.
Business Impact
This vulnerability is rated as High severity with a CVSS score of 8.5. Exploitation could have severe consequences for the organization, leading to a major data breach of Protected Health Information (PHI). The potential business impact includes significant regulatory fines under frameworks like HIPAA, substantial reputational damage, and a loss of patient trust. Furthermore, the alteration or deletion of critical medical data could directly impact patient safety and disrupt essential hospital operations.
Remediation Plan
Immediate Action: Apply the security updates released by the vendor to all affected systems immediately. Prioritize patching for systems that are accessible from the internet. After patching, review access logs and database logs for any signs of compromise or attempted exploitation that may have occurred before the patch was applied.
Proactive Monitoring: Implement enhanced monitoring of the application and underlying infrastructure. Security teams should look for unusual or malformed SQL queries in web server access logs and database query logs, particularly targeting the login page. Monitor for anomalous network traffic patterns, such as large data transfers from the database server to unknown external IP addresses, which could indicate data exfiltration.
Compensating Controls: If immediate patching is not feasible, implement the following compensating controls to reduce the risk of exploitation:
Exploitation Status
Public Exploit Available: true
Analyst Notes: As of August 25, 2025, proof-of-concept (PoC) exploit code has been made publicly available. Threat intelligence indicates that this vulnerability is being actively discussed in underground forums, and widespread scanning for vulnerable instances is expected to begin shortly. While this CVE is not currently listed on the CISA KEV (Known Exploited Vulnerabilities) catalog, its high severity and the availability of a public exploit make it a prime candidate for future inclusion.
Analyst Recommendation
Given the high CVSS score of 8.5 and the public availability of exploit code, this vulnerability poses a significant and immediate threat to the organization. We strongly recommend that all instances of the phpgurukul Hospital Management System version 4.0 be patched immediately, with the highest priority given to internet-facing systems. Due to the critical nature of the data at risk, organizations should assume active exploitation is imminent and initiate threat hunting activities to search for evidence of compromise. If patching is delayed for any reason, compensating controls must be implemented without delay.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.
---METADATA---
VENDOR: phpgurukul
PRODUCT: Hospital Management System
AFFECTED_VERSIONS: 4.0
CONFIDENCE: high
MISSING: patch, exploit_status
---END_METADATA---
Description Summary:
phpgurukul Hospital Management System version 4.0 contains a SQL injection vulnerability in index.php via the username parameter, allowing potential unauthorized database access.
Executive Summary:
A critical SQL injection vulnerability in the phpgurukul Hospital Management System exposes the backend database to unauthorized access and potential data exfiltration.
Vulnerability Details
CVE-ID: CVE-2025-56214
Affected Software: phpgurukul Hospital Management System
Affected Versions: 4.0
Vulnerability: This is a SQL injection vulnerability located in the index.php script. The vulnerability allows an unauthenticated attacker to manipulate the username parameter to execute arbitrary SQL commands against the underlying database.
Business Impact
The vulnerability carries a CVSS score of 9.8, indicating a critical risk to data confidentiality, integrity, and availability. Successful exploitation could lead to full database compromise, resulting in the theft of sensitive patient information, unauthorized administrative access, or complete system takeover.
Remediation Plan
Immediate Action: Upgrade to the latest version of the Hospital Management System provided by phpgurukul to incorporate the necessary input sanitization patches.
Proactive Monitoring: Review web server access logs for anomalous request patterns, particularly those containing SQL syntax characters (e.g., ', --, UNION) directed at index.php.
Compensating Controls: Deploy a Web Application Firewall (WAF) with strict SQL injection filtering rules to block malicious payloads targeting the username parameter.
Exploitation Status
Public Exploit Available: Not specified
Analyst Notes: As of Aug 25, 2025, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the critical severity of this SQL injection vulnerability, immediate action is required to patch the affected system. Organizations should prioritize updating the software and auditing database access logs to ensure no unauthorized activity has already occurred.
Update phpgurukul Hospital Management System Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter.
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter.
---METADATA---
VENDOR: phpgurukul
PRODUCT: Hospital Management System
AFFECTED_VERSIONS: 4.0
CONFIDENCE: high
MISSING: patch, exploit_status
---END_METADATA---
Description Summary:
phpgurukul Hospital Management System version 4.0 is susceptible to SQL injection in add-doctor.php via the docname parameter, potentially allowing unauthorized database manipulation.
Executive Summary:
A critical SQL injection vulnerability in the phpgurukul Hospital Management System allows remote attackers to interact with the backend database through unsanitized input.
Vulnerability Details
CVE-ID: CVE-2025-56212
Affected Software: phpgurukul Hospital Management System
Affected Versions: 4.0
Vulnerability: This vulnerability is a SQL injection flaw in the add-doctor.php script. An unauthenticated attacker can inject malicious SQL queries into the docname parameter, which is processed without adequate validation.
Business Impact
With a CVSS score of 9.8, this vulnerability poses a severe threat to the integrity of the hospital's clinical and administrative records. Exploitation could allow an attacker to read, modify, or delete sensitive records, leading to significant operational disruption and regulatory non-compliance.
Remediation Plan
Immediate Action: Apply the latest available update from the vendor to remediate the vulnerable parameter handling in add-doctor.php.
Proactive Monitoring: Monitor database query performance and audit logs for unusual or unauthorized query structures that deviate from expected application behavior.
Compensating Controls: Utilize a Web Application Firewall (WAF) to inspect incoming traffic and block requests containing malicious SQL injection patterns targeting the add-doctor.php endpoint.
Exploitation Status
Public Exploit Available: Not specified
Analyst Notes: As of Aug 25, 2025, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability represents a significant security risk that could lead to a total compromise of the application's database. IT administrators should verify their version of the software and apply patches immediately to prevent unauthorized data access.
Update phpgurukul Hospital Management System Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
YOSHOP 2
YOSHOP 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
LiquidFiles filetransfer server is vulnerable to a user enumeration issue in its password reset functionality
LiquidFiles filetransfer server is vulnerable to a user enumeration issue in its password reset functionality
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3
OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actio...
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_diagnosis in file /usr/lib/lua/luci/controller/admin/diagnosis
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the get_...
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the get_wanobj in file /usr/lib/lua/luci/controller/admin/common
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1
OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1
OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a craf...
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1
OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1
OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request t...
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie M18 EW_3
OS Command Injection vulnerability in Ruijie M18 EW_3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP_3
OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP_3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the netwo...
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the network_set_wan_conf in file /usr/lib/lua/luci/controller/admin/netport
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actio...
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_deal_update in file /usr/lib/lua/luci/controller/api/rcmsAPI
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actio...
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_wireless in file /usr/lib/lua/luci/control/admin/wireless
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request t...
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the subm...
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the submit_wifi in file /usr/lib/lua/luci/controller/admin/common_quick_config
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST...
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST...
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie M18 EW_3
OS Command Injection vulnerability in Ruijie M18 EW_3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-YST AP_3
OS Command Injection vulnerability in Ruijie RG-YST AP_3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request t...
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a craf...
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the rest...
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the restart_modules in file /usr/lib/lua/luci/controller/admin/common
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1
OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request t...
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/host_access_delay
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request t...
OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST reques...
OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST...
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1
OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: tinyMQTT
PRODUCT: tinyMQTT
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: medium
MISSING: patch, exploit_status
---END_METADATA---
Description Summary:
The tinyMQTT broker incorrectly handles protocol violations during the processing of CONNECT packets, potentially leading to instability.
Executive Summary:
A protocol parsing flaw in the tinyMQTT broker, identified in commit 6226ade, presents a risk of service disruption.
Vulnerability Details
CVE-ID: CVE-2025-56352
Affected Software: tinyMQTT tinyMQTT
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability resides in the CONNECT packet parsing logic, where improper handling of protocol violations can be triggered by a remote, likely unauthenticated, attacker.
Business Impact
The CVSS score of 7.5 indicates a High severity risk, primarily impacting system availability. Successful exploitation could lead to a denial-of-service (DoS) condition, disrupting communication for any applications relying on the broker for message distribution.
Remediation Plan
Immediate Action: Update the tinyMQTT broker to the latest version or apply the specific commit fix referenced in the vendor's security documentation.
Proactive Monitoring: Monitor the MQTT broker for abnormal error rates, service restarts, or crash logs that may indicate an attempt to trigger the parsing vulnerability.
Compensating Controls: Utilize a network firewall or an MQTT-aware proxy to filter and validate incoming CONNECT packets before they reach the broker.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 19, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The reliance of IoT and messaging architectures on stable MQTT brokers makes this a priority for remediation. Operators should ensure that their broker implementations are patched to prevent potential service-level attacks.